Chapter 6: Security, privacy and data integrity

1. ​Data Security

2. Data Integrity

03/06/2024
Lesson Objectives: 6.1 Data Security
Explain the difference between the terms security, privacy and integrity of data.
Show appreciation of the need for both the security of data and the security of the
computer system
Describe security measures designed to protect computer systems, ranging from
the
stand-alone PC to a network of computers.
Including user accounts, passwords, authentication techniques such as digital
signatures, firewall, antivirus software, anti-spyware, encryption.
Show understanding of the threats to computer and data security posed by
networks
and the internet.
Including malware (virus, spyware), hackers, phishing, pharming.
Describe methods that can be used to restrict the risks posed by threats
Describe security methods designed to protect the security of data
Including encryption, access rights

03/06/2024
6.1 Data Security
Watch the video for the Security, privacy and data integrity:
https://www.youtube.com/watch?v=bG5F4djDy1w

03/06/2024
6.1 Data Security
What is data Security ?
Data security is the practice of protecting digital information from unauthorized access,
corruption, or theft throughout its entire lifecycle also refers to protecting your data against
unauthorized access or use that could result in exposure, deletion, or corruption of that data. An
example of data security would be using encryption to prevent hackers from using your data if
it’s breached. Click the link below to watch the video for the data security
https://www.youtube.com/watch?v=_2JLaovsRnk

03/06/2024
6.1 Data Security
6.1.1-Data Privacy:
Data privacy is the process of ensuring that those with authenticated access to systems and
data only view data they should be allowed to view. The process of deciding who should have
access to what information should be a management/leadership team decision and this should
lead to the implementation of procedures to control the flow of information. User Access
Levels(UALs) should be implemented within computer systems and networks to ensure that
database management systems (DBMS) only allow users access to the information they are
allowed to access.
Example: Hospital
Nurses & doctors should only have access to medical information regarding the patients they
are
treating.
Catering managers should have access to all patients’ data, but it should be limited to their
dietary requirements and preferences.
Site staff should only have access to the number of patients in each ward and the
equipment/stock requirements for each ward.
Receptionists should only have access to limited information about a patient ~(such as name,
address, ward No etc) but will need access to all patients
03/06/2024
6.1 Data Security
6.1.1-Data Privacy:
Click the link below to watch the data privacy:
https://www.youtube.com/watch?v=bmgPd0rIrKw

03/06/2024
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
User Account :
A user account is an identity created for a person in a computer or computing system. User Account are used
to authenticate a user( prove a user is who they say they are) and user account control access right. A user
account allows or does not allow a user to connect to a network, another computer, or other shares. Any
network with multiple users requires user accounts. A good example of a user account is an Internet or your
e-mail account.

Use passwords:
Passwords provide the first line of defense against unauthorized access to your computer and
personal information. The stronger your password, the more protected your computer will be
from hackers and malicious software. You should maintain strong passwords for all accounts on
your computer. Strong passwords consist of a combination of uppercase and lowercase letters,
numbers and special symbols. An example of a strong password is:X5j13$#eCM1cG@Kdc

Digital signatures:
Digital signatures are like electronic “fingerprints.” In the form of a coded message, the digital signature
securely associates a signer with a document in a recorded transaction. Digital signatures can provide
evidence of origin, identity and status of electronic documents, transactions or digital messages.
19/12/2021
03/06/2024 By: Noureddine Tadjerout
. 7
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
Use of firewall:
Firewalls provide protection against outside cyber attackers by shielding your computer or
network from malicious or unnecessary network traffic. Firewalls can also prevent malicious
software from accessing a computer or network via the internet.
Click the link below to watch the video. What is a firewall?
https://www.youtube.com/watch?v=kDEX1HXybrU

03/06/2024
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
Antivirus software:
Antivirus software is a computer program that detects and gets rid of computer malware and
viruses. Learn about the definition and examples of antivirus software, and discover how these
programs work.
Click the link below to watch the video. What is an Antivirus and How Does it Work ?
https://www.youtube.com/watch?v=jW626WMWNAE

03/06/2024
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
Anti-spyware software:
Spyware is loosely defined as malicious software designed to enter your computer device,
gather data about you, and forward it to a third-party without your consent. Spyware can also
refer to legitimate software that monitors your data for commercial purposes like advertising.
However, malicious spyware is explicitly used to profit from stolen data.
Click the link below to watch the video What is an Antivirus and How Does it Work ?
https://www.youtube.com/watch?v=1_rXO2Es5B8

03/06/2024
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
Encryption:
Encryption keeps your private data secure from prying eyes and keeps your personal data secure
when you're shopping or banking online. It scrambles data like your credit card details and
home address to ensure hackers can't misuse this information.
https://www.youtube.com/watch?v=6-JjHa-qLPk
Click the link below to watch the video about Encryption ?

03/06/2024
6.1 Data Security
6.1.2 Preventing data loss and restricting data access
Biometrics:
Biometrics is the most suitable means of identifying and authenticating individuals in a reliable
and fast way through unique biological characteristics.
Click the link below to watch the video about Biometrics ?
https://www.youtube.com/watch?v=IlThIvXn2Hk

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Hacking:
Computer hacking, on one hand, describes the activities practiced by individuals, organizations,
and nations, in order to gain unauthorized access to computer and technology dependent
systems. These activities may involve the modification or alteration of system's software and
hardware in order to perform activities neither purposed by the creator nor in line with the
creator's original intentions.
Click the link below to watch the video about What is Hacking & What are the Types
of Hacking ?
https://www.youtube.com/watch?v=9gpvG7ypx5c

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Malware:
Malware (malicious software) is a term used to describe any program or code that is created
with the intent to do harm to a computer, network, or server. Malware infiltrates a computer
system discreetly, so by the time the user realizes their system is infected with malware,
sensitive data and personal information may already be breached. Common types of malware
include viruses, ransomware, keyloggers, trojans, worms, spyware, malvertising, scareware,
backdoors, and mobile malware.
Click the link below to watch the video about Malware?
https://www.youtube.com/watch?v=n8mbzU0X2nQ

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Viruses:
A computer virus, much like a flu virus, is designed to spread from host to host and has the
ability to replicate itself. Similarly, in the same way that flu viruses cannot reproduce without a
host cell, computer viruses cannot reproduce and spread without programming such as a file or
document.
Click the link below to watch the video about what is a Computer Virus
https://www.youtube.com/watch?v=Ip-u5NZJiwY

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Worms:
A computer worm is a malicious program that reproduces itself as it spreads to as many
computers as possible over networks. This makes the computer worm particularly dangerous for
companies. But what exactly does a computer worm do, how is it recognized and how can the
problem be resolved?
Click the link below to watch the video about What is a Computer Worm and How Does
it Work?
https://www.youtube.com/watch?v=oyUsZu6ygq8

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Torjan Horses
Trojan horse is bad news. In fact, a Trojan is an insidious piece of malware that infects a host
computer and potentially takes it over, including the ability to peep through the camera. Watch
the video to learn more about how a Trojan horse works. Trojan horse malware is extremely
tough to defend against because it often exploits the human factor in computer security. Often,
an attacker will hide the Trojan malware in an innocent looking email or download, which users
might confuse as something innocuous before unwittingly clicking and releasing.
Click the link below to watch the video about What is a Trojan Horse and How Does It Work?
https://www.youtube.com/watch?v=pzOM8sc2RPU

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Spyware:
Spyware can penetrate your devices in many covert and overt ways. Once on your device, it can
cause very nasty problems from stealing confidential banking information to causing permanent
damage to your devices.
Click the link below to watch the video about What is Spyware?
https://www.youtube.com/watch?v=-Z3pp14oUiA

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Phishing:
Phishing is a method of trying to gather personal information using deceptive e-mails and
websites. Here's what you need to know about this increasingly sophisticated form of
cyberattack.
Click the link below to watch the video about What is phishing? Learn how this attack
works?
https://www.youtube.com/watch?v=Y7zNlEMDmI4

03/06/2024
6.1 Data Security
6.1.3 Risk to the security of stored data
Pharming:
Pharming is a scamming practice in which malicious code is installed on a personal computer or
server, misdirecting users to fraudulent web sites without their knowledge or consent. The goal
is to get you to provide personal information, like payment card data or passwords, on the false
websites. Cybercriminals could then use your personal information to commit financial fraud
and identity theft.
Click the link below to watch the video about pharming
https://www.youtube.com/watch?v=4F89EvGJ2wA

03/06/2024
6.1 Data Security
6.1.4 Data recovery:
Data loss can be caused by many different factors, and each poses a unique problem for data
recovery. data loss is caused by hard drive crashes or system failure, or Viruses & Malware,
human error, software failure, Hard Drive Damage, Power Outages, Computer Theft, Liquid
Damage, Software Corruption, Hard Drive Formatting , Hackers and Insiders
Click the link below to watch the video for the data recovery:
https://www.youtube.com/watch?v=v0QkafslnrM

03/06/2024
 6.2 Data Integrity

03/06/2024
6.2 Data Integrity
Data Integrity is concerned with preventing data from being
corrupted, deleted or otherwise rendered inaccessible. The
term data integrity refers to the accuracy and consistency of
data. When creating databases, attention needs to be given to
data integrity and how to maintain it. A good database will
enforce data integrity whenever possible. For example, a user
could accidentally try to enter a phone number into a date
field. If the system enforces data integrity, it will prevent the
user from making these mistakes. Click the link below to
watch the video for data integrity.
https://www.youtube.com/watch?v=OEGOfYew3S4
03/06/2024
03/06/2024
6.2 Data Integrity
6.2.1-Validation
Validation is an automatic computer check to ensure that the data
entered is sensible and reasonable. It does not check the accuracy
of data.
For example, a secondary school student is likely to be aged between
11 and 16. The computer can be programmed only to accept numbers
between 11 and 16. This is a range check.
However, this does not guarantee that the number typed in is correct.
For example, a student's age might be 14, but if 11 is entered it will be
valid but incorrect.
Click the link below to watch the video for Validation versus
Verification
https://www.youtube.com/watch?v=UHXV5kz4P14
03/06/2024
03/06/2024
6.2 Data Integrity
6.2.1-Validation
Types of validation
There are a number of validation types that can be used to check the data that is being entered.

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification is performed to ensure that the data entered exactly matches the original source.

Verification during data entry:

Entry verification is the process of ensuring that user has entered what they think they have
entered.
Common Example: Sign-up form password entry
Users are asked to enter their chosen password twice to ensure that they have typed it correctly.
This check is important because password entry fields are normal asterisked out *********** .

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data entry:
Double entry:
Entering the data twice and comparing the two copies. A classic example would be when
creating a new password. You are often asked to enter the password twice. This lets the
computer verify that data entry is exactly the same for both instances, and that no error has
been committed. The first entry is verified against the second entry by matching them.
Visual check:
A form of verification where the user manually compares the newly inputted data against the
original source. Entered data is compared with the original document( in other words, what is in
the screen is compared to the data on the data on the original paper documents)
Check digits:
When transmitting data, errors may occur and some data may be incorrectly received. To
overcome this, an extra value is transmitted to help determine if the data received is correct or
incorrect. This value is known as a check digit.

03/06/2024
6.2 Data Integrity 6.2.2-Verification Verification during data entry:
Check digits:
The value of the check digit is usually calculated from the other data being sent. For
example, the EAN8 barcode number system creates the check digit from the other
seven numbers in the bar code:
The first, third, fifth and seventh numbers are each multiplied by three, and
then added together.
The remaining numbers are added to the
total. The total is divided by ten.
The check digit is determined by
subtracting the remainder from ten.

Example - barcode 2142345

This would give (3 × 2) + (3 × 4) + (3 × 3) +
(3 × 5) = 6 + 12 + 9 + 15 = 42
42 + 1 + 2 + 4 = 49
49 ÷ 10 = 4 remainder 9
10 - 9 = 1
03/06/2024
Check digit = 1
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:
Data transfer verification is the process of ensuring that the data received is the same as the
data sent. When data is transmitted there is a possibility that data may be corrupted on route.
Data must therefore be verified to ensure that is matched the source.
Checksums:
A block of data is sent alongside a calculated checksum value.
The receiving computer also calculates what it believes should be the checksum.
The checksum values are then compared to see if an error has occurred during transmission
The sending computer uses the block of data to be sent, and a predefined
mathematical algorithm, to calculate a checksum value
The sending computer sends the data, plus the checksum value
The receiving computer uses the data it receives to also calculate what it believes should be the
checksum, using the same mathematical algorithm.
The two checksum values are compared by the receiving computer
Due to the nature of the algorithm, it is highly unlikely that corruption has occurred if the
checksum values match. If the checksum values don’t match, the receiving computer requests
that the data is transmitted again
03/06/2024
6.2 Data Integrity
6.2.2-Verification
Checksums:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Checksums:
When a block of data is about to be transmitted, the checksum for the bytes is first of
all calculated. This value is then transmitted with the block of data. At the receiving
end, the checksum is recalculated from the block of data received. This calculated
value is then compared to the checksum transmitted. If they are the same value, then
the data was transmitted without any errors; if the values are different, then a request
is sent for the data to be retransmitted.
Checksum : A value transmitted at the end of a block of data; it is calculated using
the other elements in the data stream and is used to check for transmission
errors).
Click the link below to watch the video for
Checksum
https://www.youtube.com/watch?v=AtVWnyD
DaDI

03/06/2024
03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:
Parity Checks:
An extra bit (parity bit) added to a string of binary code to ensure the number of 1-bits are
either even or odd, depending upon the parity check system used.
Method
The sending and receiving computers agree the protocol to be used (even or odd)
The sending computer adds the correct parity bit to the binary data (either an extra 1 or 0)
The sending computer sends the binary data, including the parity bit
The receiving computer checks to make sure the overall parity of the data received is as agreed
(an even or odd number of 1 bits)
If the parity of the data is incorrect, the receiving computer will request that the data is
transmitted again

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:

03/06/2024
6.2 Data Integrity
6.2.2-Verification
Verification during data transfer:
Parity Checks:
Click the link below to watch the
video for Parity check
https://youtu.be/jLuj62Gq-1I

03/06/2024
03/06/2024
6.2 Data Integrity
Verification during data transfer:
Automatic repeat request (ARQ)
This form of error detection uses a system of acknowledgements and timeouts. Automatic
Repeat Requests (ARQ) are often used to ensure reliable transmissions over an unreliable
service.
Method
The sending computer transmits a block of data
The sending computer waits a period of time to see if the receiving computer acknowledges
receipt of the data. After a set period of time, a timeout occurs which triggers the data to be
automatically resent by the sending computer.
This will continue until the receiving computer acknowledges the data has been received

03/06/2024
6.2 Data Integrity
Verification during data transfer:

03/06/2024
6.2 Data Integrity
Verification during data transfer:
Automatic repeat request (ARQ)
Click the link below to watch the video for Automatic repeat request
(ARQ) https://www.youtube.com/watch?v=9CNHUpYUVeM

03/06/2024
03/06/2024
AS/Level Past Exams Question 1

03/06/2024
AS/Level Past Exams Question 1

03/06/2024
AS/Level Past Exams Answer 1

03/06/2024
AS/Level Past Exams Question 2

03/06/2024
AS/Level Past Exams Question 2

03/06/2024
AS/Level Past Exams Question 2

03/06/2024
AS/Level Past Exams Answer 2

03/06/2024
AS/Level Past Exams Answer 2

03/06/2024
AS/Level Past Exams Answer 2

03/06/2024
AS/Level Past Exams Question 3

03/06/2024
AS/Level Past Exams Question 3

03/06/2024
AS/Level Past Exams Question 3

03/06/2024
AS/Level Past Exams Question 3

03/06/2024
AS/Level Past Exams Answer 3

03/06/2024
AS/Level Past Exams Answer 3

03/06/2024
AS/Level Past Exams Question 4

03/06/2024
AS/Level Past Exams Question 4

03/06/2024
AS/Level Past Exams Answer 4

03/06/2024
AS/Level Past Exams Answer 4

03/06/2024
AS/Level Past Exams Question 5

03/06/2024
AS/Level Past Exams Question 5

03/06/2024
AS/Level Past Exams Answer 5

03/06/2024
AS/Level Past Exams Answer 5

03/06/2024
AS/Level Past Exams Question 6

03/06/2024
AS/Level Past Exams Question 6

03/06/2024
AS/Level Past Exams Question 6

03/06/2024
AS/Level Past Exams Answer 6

03/06/2024
AS/Level Past Exams Answer 6

03/06/2024
AS/Level Past Exams Question 7

03/06/2024
AS/Level Past Exams Question 7

03/06/2024
AS/Level Past Exams Question 7

03/06/2024
AS/Level Past Exams Answer 7

03/06/2024
AS/Level Past Exams Answer 7

03/06/2024
AS/Level Past Exams Question 8

03/06/2024
AS/Level Past Exams Answer 8

03/06/2024
AS/Level Past Exams Question 9

03/06/2024
AS/Level Past Exams Answer 9

03/06/2024
AS/Level Past Exams Question 10

03/06/2024
AS/Level Past Exams Answer 10

03/06/2024
AS/Level Past Exams Question 11

03/06/2024
AS/Level Past Exams Answer 11

03/06/2024
AS/Level Past Exams Question 12

03/06/2024
AS/Level Past Exams Question 12

03/06/2024
AS/Level Past Exams Question 12

03/06/2024
AS/Level Past Exams Answer 12

03/06/2024
AS/Level Past Exams Answer 12

03/06/2024
AS/Level Past Exams Answer 12

03/06/2024
AS/Level Past Exams Question 13

03/06/2024
AS/Level Past Exams Question 13

03/06/2024
AS/Level Past Exams Answer 13

03/06/2024